Lucene search
HistoryAug 14, 2015 - 6:59 p.m.
CVE-2015-1844
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.002
Percentile
56.5%
Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
Affected configurations
Node
theforemanforemanRange≤1.7.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| theforeman | foreman | * | cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2015-1844
2015-08-14 18:59:05
prion
prion
Authentication flaw
2015-08-14 18:59:00
cvelist
cvelist
CVE-2015-1844
2015-08-14 18:00:00
nessus
nessus
RHEL 6 : Satellite Server (RHSA-2015:1592)
2015-09-01 00:00:00
RHEL 7 : Satellite Server (RHSA-2015:1591)
2015-09-01 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2019-05-02 05:42:13
Privilege Escalation
2019-05-02 05:42:26
Man-In-The-Middle (MitM)
2019-05-02 05:42:16
redhat
redhat
(RHSA-2015:1592) Important: Red Hat Satellite 6.1.1 on RHEL 6
2015-08-12 04:47:35
(RHSA-2015:1591) Important: Red Hat Satellite 6.1.1 on RHEL 7
2015-08-12 04:38:51
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.002
Percentile
56.5%
Related for NVD:CVE-2015-1844